//package com.Iconcat.system.config;
//
//import org.springframework.boot.autoconfigure.web.servlet.WebMvcAutoConfiguration;
//import org.springframework.context.annotation.Configuration;
//import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
//import org.springframework.security.config.annotation.web.builders.HttpSecurity;
//import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
//import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
//
//@Configuration
//@EnableWebSecurity
//public class SecurityConfig extends WebSecurityConfigurerAdapter {
//    // 配置用户的认证方式，可以是内存中的用户、数据库中的用户等
//    @Override
//    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
//        auth
//                .inMemoryAuthentication()
//                .withUser("zzq").password("123123").roles("USER");
//
//
//    }
//
//    // 配置哪些URL路径需要受保护，哪些不需要
//    @Override
//    protected void configure(HttpSecurity http) throws Exception {
//        http
//          .authorizeRequests()
//                .antMatchers("/swagger-ui.html", "/swagger-resources/**", "/v2/api-docs", "/webjars/**","/public/**")
//                .permitAll()
//                .antMatchers("/admin/**").hasRole("ADMIN") // 需要ADMIN角色的路径
//                .anyRequest().authenticated(); // 其他所有路径需要认证
//        http.httpBasic(); // 启用HTTP Basic认证
//        http.csrf().disable(); // 禁用CSRF保护
//    }
//}
